On March 11, 2021, the Security & Trust Unit held the Tech Talk “Scenari, approcci, esperienze di strong authentication pre e post direttiva PSD2” for Dedagroup.
After an introduction by Silvio Ranise on the Security & Trust research unit, Marco Pernpruner talked about the PSD2 and its effects on authentication protocols, finally describing a methodology that we have developed to analyse the security and risk of such protocols. Then, Andrea Bisegna and Roberto Carbone provided details and a practical demonstration about the Micro-Id-Gym tool, developed within the research unit.
Andrea Bisegna, Roberto Carbone, Giulio Pellizzari, Silvio Ranise
Micro-Id-Gym: a Flexible Tool for Pentesting Identity Management Protocols in the Wild and in the Laboratory
In: 3rd International Workshop on Emerging Technologies for Authorization and Authentication (ETAA2020) (DOI)
Andrea Bisegna, Roberto Carbone, Ivan Martini, Valentina Odorizzi, Giulio Pellizzari, Silvio Ranise
Micro-Id-Gym: Identity Management Workouts with Container-Based Microservices
In: International Journal of Information Security and Cybercrime (IJISP), Volume 8, Issue 1 (DOI)
Federico Sinigaglia, Roberto Carbone, Gabriele Costa, Silvio Ranise
MuFASA: A Tool for High-level Specification and Analysis of Multi-factor Authentication Protocols
In: Emerging Technologies for Authorization and Authentication (ETAA 2019) (DOI, complementary material, news)